Incident Response Consultant, Talos, Uk - London, United Kingdom - Cisco Systems
Description
What You'll Do
The Cisco Talos Incident Response Consultant will work with Cisco customers, using established methodologies, to perform a variety of reactive and pro-active Incident Response related activities.
These may include emergency investigations of cyber incidents, threat intelligence research, proactively hunting for adversaries in customer environments, crafting and performing Table-Top Exercises, performing IR Readiness Assessments, and teaching an immersive Cyber Range workshop.
The Incident Response Consultant will also be responsible for consulting with customers on projects that will support tactical and strategic Incident Response business objectives.
Cisco Talos Incident Response Consultants will provide verbal and written technical communication concisely to a variety of customers.They must have familiarity with participating in high stress investigations or critical projects, along with an ability to learn new concepts quickly and process them to create guidance or new instructions for handling an incident.
Who You'll Work With
When you work with us, you'll be part of a global distributed team of highly empowered Incident Response and Cyber Threat Intelligence professionals who work as a collaborative team focused on helping our clients be both better prepared to defend against adversaries on their network, as well as responding to active incidents within their network.
Who You Are
Both your clients and your colleagues consider you a charismatic, articulate individual, and a born diplomat.
You check your ego at the door and learn from others constantly, while also helping to educate those who aren't as well versed as you are in technical or procedural topics.
As a result, you have a track record of working tirelessly to help your clients and teammates and have even come up with some novel techniques in your time.
You are willing to routinely travel with less than 24-hour notice, up to 20% of the time.Required Skills:
Respond to global cyber incidents caused by internal and external threats to our customers, that may involve nontraditional working hours.
Foundational familiarity and understanding of host centric analysis using a variety of forensic tools (e.g. EDR, X-Ways, Volatility, Cisco Secure Endpoint, Velociraptor, etc.).
Familiarity with network forensic analysis with an understanding of how to leverage network telemetry to assist with an investigation.
Understands, and can clearly communicate the Incident Response Lifecycle and the Kill Chain (Attack) Life Cycle as it relates to recent known adversary activity.
Demonstrate capability to map technical findings to business impacts and communicate those in a manner which is understandable by a non-technical audience.
Be able to assist with scoping an incident, gain consensus on objectives with customers, and participate in a team of incident response consultants during an emergency engagement.
Familiarity with the theory of threat hunting, and how to proactively hunt for adversaries on customer networks using a variety of tools and techniques.
Understand the concept of performing Incident Response Readiness Assessments for customers, and an understanding of performing interviews and document review.
Familiarity with the process of collaborating on developing written communication of assessments, and reports that may be both internal and customer facing, this includes communication to various levels including technical teams, leadership, and executive management.
Participate in IR related consulting projects as directed.
Be a contributor to process improvement. Help to develop and document process improvements to ensure efficient, consistent, and scalable consulting operations.
Interest in helping to develop public facing material such as blog posts, podcasts, whitepapers, or presentations at conferences.
Desired Characteristics and Experience:
Familiarity of current cyber security threats, attacks, and countermeasures. Such as Ransomware, Cyber Crime, Hacktivism and associated tactics.
Interest in recognized IT Security-related standards and technologies, demonstrated through training, job experience and/or industry activities.
Preferred:
Prior experience in information security and experience handling or investigating cyber security incidents.
Must be willing to be on-call and work off-shift hours, potentially to include nights, weekends, and holidays.
IT Security Certifications
Preferred:
Industry certifications such as the CISSP, CISM, CISA, GCIH, CFCE, GCFA, GNFA, and/or GCFE.
Certifications are not a
More jobs from Cisco Systems
-
Sales Acceleration
Feltham, United Kingdom - 1 week ago
-
Associate Sales Representative
London, United Kingdom - 1 week ago
-
Compliance Specialist, Global Trade Compliance
London, United Kingdom - 4 days ago
-
Collaboration Virtual Sales Specialist
Feltham, United Kingdom - 1 day ago
-
Customer Success Specialist
Feltham, United Kingdom - 1 week ago
-
Compass Data Advisor
Newcastle upon Tyne, United Kingdom - 1 week ago